m/rdp-proxy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
rdp-proxy/scripts/installation
T
History
m 8ba0561f4f Initial project snapshot
2026-04-28 22:29:50 +03:00
..
product-root-tool.go
Initial project snapshot
2026-04-28 22:29:50 +03:00
README.md
Initial project snapshot
2026-04-28 22:29:50 +03:00

README.md

Installation Authority Tooling

The Product Root private key must stay outside the repository and outside the cluster database. The backend stores only the public key and signed activation records.

Generate a Product Root key pair:

go run scripts/installation/product-root-tool.go generate-key

Configure production backend nodes with the generated public_key_b64:

$env:INSTALLATION_AUTHORITY_MODE = "strict"
$env:INSTALLATION_PRODUCT_ROOT_PUBLIC_KEY_B64 = "<public_key_b64>"

Create a signed first-owner activation manifest:

go run scripts/installation/product-root-tool.go activate `
  -private-key-file C:\secure\rap-product-root.json `
  -install-id install-prod-001 `
  -owner-email owner@example.com `
  -expires-at 2026-05-01T00:00:00Z `
  -environment production

Use the output activation_payload and activation_signature in the admin panel first-owner screen or in POST /api/v1/installation/bootstrap-owner.

Reference in New Issue View Git Blame Copy Permalink